package timing.ukulele.auth.security.type.third;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
import org.springframework.util.StringUtils;
import timing.ukulele.auth.security.LoginTypeEnum;
import timing.ukulele.auth.security.SecurityUtils;
import timing.ukulele.auth.security.ThirdTypeEnum;

public class ThirdQrAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    private boolean postOnly = true;
    private final String thirdTypeParameter = "thirdType";
    private final String codeParameter = "code";

    public ThirdQrAuthenticationFilter() {
        super(PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.POST,LoginTypeEnum.THIRD_QR.getPath()));
    }

    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
        if (this.postOnly && !request.getMethod().equals("POST")) {
            throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
        } else {
            String code = this.obtainCode(request);
            code = code != null ? code : "";
            ThirdTypeEnum type = this.obtainThirdType(request);
            if (type == null) {
                throw new InsufficientAuthenticationException("暂不支持该平台");
            }
            if (!StringUtils.hasLength(code)) {
                throw new AuthenticationServiceException("参数错误");
            }
            ThirdQrAuthenticationToken authRequest = new ThirdQrAuthenticationToken(code,type);
            this.setDetails(request, authRequest);
            return this.getAuthenticationManager().authenticate(authRequest);
        }
    }

    protected ThirdTypeEnum obtainThirdType(HttpServletRequest request) {
        String encryptedThirdType = request.getParameter(this.thirdTypeParameter);
        if (StringUtils.hasLength(encryptedThirdType)) {
            String parameter = SecurityUtils.decryptPassword(encryptedThirdType);
            return ThirdTypeEnum.getByCode(Integer.parseInt(parameter));
        }
        return null;
    }

    protected String obtainCode(HttpServletRequest request) {
        String encryptedCode = request.getParameter(this.codeParameter);
        if (StringUtils.hasLength(encryptedCode)) {
            return SecurityUtils.decryptPassword(encryptedCode);
        }
        return null;
    }

    protected void setDetails(HttpServletRequest request, ThirdQrAuthenticationToken authRequest) {
        authRequest.setDetails(this.authenticationDetailsSource.buildDetails(request));
    }

//    public void setPostOnly(boolean postOnly) {
//        this.postOnly = postOnly;
//    }
}
